CVE-2017-2104
The CVE-2017-2104 entry applies to the Android app Business LaLa Call App for Android, version 1.4.7 and earlier. The root cause is that the app does not verify X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafte...